Rich Megginson wrote:
Nelson B wrote:
Below, you seem to be asking how they are stored in certificates.
I'll answer the questions about what appear in certs.
1) Are appended ports actually allowed in the subjectAltName or CN?
No.
How about the return value from SSL_RevealURL( fd ) ?
Nelson B wrote:
Rich Megginson wrote:
In the LDAP C SDK code, we call SSL_SetURL with the hostlist argument
which is passed in to ldapssl_connect(). So I suppose the real fix for
the ldap c sdk is to make sure we call SSL_SetURL with a simple
hostname.
Let me suggest that the real fix
Nelson B wrote:
Ulf Weltman wrote:
Hi all. I'm writing some code that prepares compact host:port addresses
for certificate CN checking. This is to handle an application that
keeps a host list like foo.example.com 192.168.1.1:2389
[fe80::230:6eff:fe4b:703] [fe80::230:6eff:fe4b:703]:3389.
Nelson B wrote:
But even though the RFCs define how IP addresses are represented in
certificates, I think you'll not find any real CAs that issue certs with
IP addresses in them.
IP addresses in certificates are used for network infrastructure
security, such as with IPSEC. For instance, when
4 matches
Mail list logo